How to Make The Page Only Accessible Once Logged in PHP

Question

I am new to PHP and trying to put together a protype for an assignment. I am using the following login script together with a simple form fill for username and password. Once it checks the username and password against the database, if they match it takes the user to the welcome.php page. How can I make the welcome.php only viewable if a user has successfully logged in?

<?php
include("web_config.php");

 session_start();

  if($_SERVER["REQUEST_METHOD"] == "POST") {
  // username and password sent from form 

  $myusername = mysqli_real_escape_string($mysqli,$_POST['username']);
  $mypassword = mysqli_real_escape_string($mysqli,$_POST['password']); 

  $sql = "SELECT UserAccountID FROM UserAccounts WHERE Username = '$myusername' and Password = '$mypassword'";
  $result = mysqli_query($mysqli,$sql);
  $row = mysqli_fetch_array($result,MYSQLI_ASSOC);
  $active = $row['active'];

  $count = mysqli_num_rows($result);

  // If result matched $myusername and $mypassword, table row must be 1 row

  if($count == 1) {
   echo "User logged in."; header("location: welcome.php");
   } else {


         $error = "Your Login Name or Password is invalid";
      }
   }
 ?>
  <div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php    echo $error; ?></div>

score 0 · Accepted Answer · edited May 23 '17 at 12:07

0

You might want to have a look at Using sessions & session variables in a PHP Login Script which already contains quite some useful information on this topic.

edited May 23 '17 at 12:07

Community

1
1

answered May 23 '16 at 20:22

EagleRainbow

931
5
22

How to Make The Page Only Accessible Once Logged in PHP

1 Answers1